[tor-dev] Sanitizing bridge descriptors containing ed25519 fields

Karsten Loesing karsten at torproject.org
Sat Jun 13 08:08:17 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/06/15 20:02, Karsten Loesing wrote:
> On 01/06/15 17:48, Nick Mathewson wrote:
>> On Mon, Jun 1, 2015 at 3:27 AM, Karsten Loesing 
>> <karsten at torproject.org> wrote:
>>> Which one, the extended "extra-info" line or the additional 
>>> "fingerprint-ed25519" line? :)
> 
>> Not sure.  I haven't actually added either yet; does the status
>> quo not work?
> 
> Well, it's the same use case.  People would be able to grep
> extra-info descriptors for a given identity string, rather than
> having to use a specialized tool for that.  It think it would be
> useful to have.
> 
> (And it would allow me to ignore the identity-ed25519 crypto block 
> entirely rather than having to parse the contained data structure
> and pick the bytes I want.)
> 
>> I think the master-key-ed25519 line is the likeliest way; I
>> don't know if adding an extra arg to the first line is clever.
> 
> I'm fine with either solution.  If your preference is to add
> another master-key-ed25519 line (and if you agree that it would
> make sense to have the plain-text master key in extra-info
> descriptors at all), sounds good to me.

Please find the following ticket for a first implementation of the new
sanitizing code.  It comes with two samples of sanitized descriptors
containing new fields.

https://trac.torproject.org/projects/tor/ticket/16359

All the best,
Karsten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJVe+TxAAoJEJD5dJfVqbCrkDMIAJ96cYxpSai+KHhWec4brGLj
NPZ1w6yLyNiWtdVkeSTXWDUJ4QwzuiHz4qUGP600rkuDDwDFxKqq7KuR0a/e66k7
rT/lVzZJeXWOoE2rzolcFl8QXW0VhwBCwyyr/c+xHs8KLJDrjG/xCLL/nM8tZEra
n0BnLNt2kCgnLl1aSnHL83y3BwpGe4BEnvwTLag1xj+opbuTOS9nx+cFaC0uWolq
fT2Vi5PKq9a1lHy/UTRN2athhVKCLepBWS9fuFRLIY3T7w0GNSa6s4ky+BpeDoL2
kIPCdT2FPAms2aqy8Di9DS7oZqXsJsIWF6P+A/xcL5Mh+DO5gFOidvM7h2gHXEs=
=5an+
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list